1.2. Installation on Ubuntu

Caution

This installation guide is for demonstration purposes only. For production installation you need to change steps according to your requirements.

This section will guide you through pre-compiled demo installation of FRED on Ubuntu.

Before you start, make sure that all system requirements for this demo installation are met:

  • Disk space: 10 GB

  • RAM: 1 GB

  • CPU: 2 cores

You can also check the system requirements for production use.

You can install the pre-compiled demo in two ways:

  • download and run our demo installation script that will automatically install all required components incl. auxiliary software, or

  • you can follow the installation steps one-by-one manually. The steps describe basically what the script does.

Important

Remember to set the timezone in PostgreSQL to UTC, after you complete installation either way.

1.2.1. Demo installation script

To try FRED and associated software, use our pre-made installation script below:

# Switch to root
sudo su -
# Download the script
wget -O fred-ubuntu-install.sh https://fred.nic.cz/public/media/1689167142/150/
# Execute the script
. fred-ubuntu-install.sh

What steps the script takes is explained in the following section.

1.2.2. Installation steps

This section explains the individual steps that are taken by the installation script to install software required for the operation of the FRED.

Switch to root before you begin

sudo su -

1.2.2.1. Prerequisities

  1. Install dependencies

    apt update
    apt install -y ca-certificates curl gnupg lsb-release
    
  2. Docker installation

    sudo mkdir -m 0755 -p /etc/apt/keyrings
    
    curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --batch --yes --dearmor -o /etc/apt/keyrings/docker.gpg
    
    echo \
      "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu \
      $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
    
    apt update
    apt install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
    
  3. Create dummy network interface for docker

    cat << EOT >> /etc/netplan/01-dock.yaml
    network:
      version: 2
      renderer: networkd
      bridges:
        dock:
          dhcp4: false
          dhcp6: false
          accept-ra: false
          interfaces: [ ]
          addresses:
            - 192.168.1.1/32
    EOT
    
    netplan apply
    
  4. Add cznic keyring for fred packages and run update with the new source list

    mkdir -p /usr/share/keyrings/
    curl -o /usr/share/keyrings/cznic-archive-keyring.gpg https://archive.nic.cz/dists/cznic-archive-keyring.gpg
    
    cat << EOT >> /etc/apt/sources.list.d/fred.list
    deb [signed-by=/usr/share/keyrings/cznic-archive-keyring.gpg] http://archive.nic.cz/next $(lsb_release -sc) main
    EOT
    
    apt update
    
  5. Postfix non-interactive installation

    debconf-set-selections <<< "postfix postfix/mailname string $(hostname)"
    debconf-set-selections <<< "postfix postfix/main_mailer_type string 'Internet Site'"
    apt --assume-yes install postfix
    

1.2.2.2. FRED installation

  1. Installation of FRED backend services (using meta package)

    apt --assume-yes install fred
    
  2. Set the PostgreSQL timezone to UTC

    sed -i~ -e "s/^#\?\s*timezone\s*=.*/timezone = 'UTC'/" /etc/postgresql/12/main/postgresql.conf
    systemctl restart postgresql
    
  3. Initialization of the FRED database (schemas)

    su - postgres -c "/usr/sbin/fred-dbmanager install"
    
  4. Add system registrar, otherwise some of the services wont start

    /usr/sbin/fred-admin --registrar_add --handle=REG-SYSTEM --reg_name=REG_SYSTEM --organization=SYSTEM --street1=SYSTEM --city=SYSTEM --email=SYSTEM --url=SYSTEM --country=CZ --dic=12345 --no_vat --system
    
  5. Configuration of fred-backend-registry` and fred-backend-logger – for detail see the installation script

  6. Configuration of FRED messenger – for detail see the installation script

  7. Create and initialize FRED messenger database

    sudo -u postgres psql -c 'CREATE DATABASE messenger;'
    sudo -u postgres psql -c "CREATE USER messenger WITH ENCRYPTED PASSWORD 'passwd';"
    sudo -u postgres psql -c 'GRANT ALL PRIVILEGES ON DATABASE messenger TO messenger;'
    MESSENGER_CONFIG=/etc/fred/messenger.conf alembic --config /etc/fred/messenger-alembic.ini upgrade head
    
  8. Enable secretary in uWSGI

    cp /usr/share/doc/python3-django-secretary/examples/fred-secretary.ini /etc/uwsgi/apps-available/
    ln -s /etc/uwsgi/apps-available/fred-secretary.ini /etc/uwsgi/apps-enabled/fred-secretary.ini
    sed -i '/\/run\/uwsgi\/fred-secretary\/socket/c\socket = \/run\/uwsgi\/app\/fred-secretary\/socket' /etc/uwsgi/apps-available/fred-secretary.ini
    cp /usr/share/doc/python3-django-secretary/examples/uwsgi_secretary.py /etc/uwsgi/
    
  9. Setup nginx and copy secretary configuration

    apt --assume-yes install nginx
    cp /usr/share/doc/python3-django-secretary/examples/secretary-nginx.conf /etc/nginx/sites-available/secretary.conf
    ln -s /etc/nginx/sites-available/secretary.conf /etc/nginx/sites-enabled/secretary.conf
    rm /etc/nginx/sites-enabled/default
    
  10. Create a folder for the uWSGI socket and static files folder for secretary

    mkdir -p /run/uwsgi/app/fred-secretary/
    chown www-data:www-data /run/uwsgi/app/fred-secretary
    mkdir -p /var/www/fred/
    chown www-data:www-data /var/www/fred
    
  11. Create and initialize secretary database

    sudo -u postgres psql -c 'CREATE DATABASE secretary;'
    sudo -u postgres psql -c "CREATE USER secretary WITH ENCRYPTED PASSWORD 'passwd';"
    sudo -u postgres psql -c 'GRANT ALL PRIVILEGES ON DATABASE secretary TO secretary;'
    sudo -u www-data PYTHONPATH=/etc/fred DJANGO_SETTINGS_MODULE=secretary_cfg.settings django-admin migrate
    
  12. Collect secretary static files and create secretary superuser

    sudo -u www-data PYTHONPATH=/etc/fred DJANGO_SETTINGS_MODULE=secretary_cfg.settings django-admin collectstatic
    sudo -u www-data DJANGO_SUPERUSER_USERNAME=admin DJANGO_SUPERUSER_PASSWORD=password DJANGO_SUPERUSER_EMAIL=admin@admin.com PYTHONPATH=/etc/fred DJANGO_SETTINGS_MODULE=secretary_cfg.settings django-admin createsuperuser --noinput
    
  13. Load secretary templates

    apt install python3-docopt
    cd /usr/share/doc/python3-django-secretary/examples/secretary-templates/
    sudo -u www-data PYTHONPATH=/etc/fred DJANGO_SETTINGS_MODULE=secretary_cfg.settings python3 load_templates.py pdf-templates.yml
    sudo -u www-data PYTHONPATH=/etc/fred DJANGO_SETTINGS_MODULE=secretary_cfg.settings python3 load_templates.py fred-migration.yml
    sudo -u www-data PYTHONPATH=/etc/fred DJANGO_SETTINGS_MODULE=secretary_cfg.settings python3 load_templates.py fred-templates.yml
    
  14. Enable installed services and start them

    systemctl enable --now omniorb4-nameserver fred-accifd fred-adifd fred-akmd fred-backend-logger fred-backend-registry fred-dbifd fred-logd fred-msgd fred-pifd fred-rifd fred-rsifd fred-pyfred fred-webadmin fred-secretary fred-messenger-server apache2 nginx
    
  15. Allow epp and whois daemon in apache

    a2ensite 02-fred-mod-eppd-apache.conf
    a2ensite 02-fred-mod-whoisd-apache.conf
    service apache2 restart
    
  16. Restart the nginx and services to be sure, that the config is correctly loaded

    systemctl restart nginx
    systemctl restart 'fred-*'
    systemctl restart omniorb4-nameserver
    
  17. Deploy docker apps – Ferda, Webwhois, RDAP

    apps=("ferda" "webwhois" "rdap")
    WORKDIR=/etc/fred/docker-apps/
    # Initialize new docker swarm so we can have docker stack for each service
    docker swarm init
    
    mkdir -p $WORKDIR
    # We are doing the same process for every docker app - pull demo compose and .env file, pull images and deploy them using docker stack
    for app in ${apps[@]}; do
          # Create directory structure for docker-apps and download demo-deploy files
          mkdir $WORKDIR/$app-git
          cd $WORKDIR/$app-git
          git clone https://gitlab.nic.cz/fred/$app
          cd ..
          mkdir -p $WORKDIR/$app
          cp -r $app-git/$app/docs/demo-deploy $app
          rm -rf $app-git
    
          # Pull app images from registry.nic.cz
          docker pull registry.nic.cz/fred/$app/$app-uwsgi
          docker pull registry.nic.cz/fred/$app/$app-nginx
    
          # Deploy docker stacks
          cd $WORKDIR/$app/demo-deploy/
          docker stack deploy --compose-file docker-compose.yml $app
    done
    
  18. Before starting FRED for the first time, you need to initialize the system. Instructions how to do it can be found in the chapter System initialization.